I'd say that anything that needs special care with respect to lighting, posing, or very high resolution, is likely to remain well-served by professional photographers.
A decent amateur can take his stabilized f/2.8 superzoom and take a reasonable shot of a chirping bird from even a decent distance. He'll be able to shoot portraits and check the LCD to see whether any of the subjects blinked during the shot. But he's less likely to have assistants or experience bringing and using reflectors, extra lamps, backdrops, slave flashes, and so forth, or to have worked with enough people and had enough training to pose people all that much. If macro shots are required, the amateur is a bit less likely to have gone whole-hog and gotten a decent macro lighting setup such as twin or ring flashes, unless that's one of his favored areas.
He's also less likely to bring a medium-format camera or equivalent for when he wants a shot that'll show good detail in an extended-family shot even when blown up to poster size.
Of course, as we all know from the reports of the mess at Los Alamos National Laboratories, it's very possible for a lab culture to be extremely casual about frequently breaching the mandated air gap. Just because the regulations exist doesn't mean that they're even remotely followed.
That comment implies possible confusion on the part of the developer, and uncertainty regarding design.
It's not even "Is this the most efficient way to implement this?" or "Should we switch to blah's way?"; it's much more fundamental than that, and it is a worrisome comment. If the developer isn't confident about even *where* some part of the code should be, and code from that confused developer actually made it into the kernel despite that confusion, why should a user have confidence in it?
On what grounds do you draw such a distinction between "professional" and non-professional software, and then suggest that the only possible justification for purchasing professional software is to earn money with it?
An enthusiastic amateur photographer, for instance, may benefit enormously from a capable package such as Photoshop even if he's not making any money from it. He can do batch processing, decent conversion between formats, build profiles for his monitor and printer so that his prints come out as expected in terms of color accuracy, work with more bits per channel so transformations lose less detail, use his favorites from the huge library of plugins made for Photoshop... for all the reasons that it's the premier package among professionals. It may be well worth it for him to purchase it instead of Paint Shop Pro or PS Elements, or to fuss with the Gimp.
If the Gimp had both as reasonable an interface and as powerful features of its commercial competitors, it'd be used more. However, it doesn't. Even JASC Paint Shop Pro -- a not terribly expensive product -- had a far better interface and more features, last I checked. That's in addition to well-done documentation and support.
There would seem to be a risk of error and fraud, however.
How do you ensure that the person whose name is on the envelope is actually the one who sent the ballot? If ballots allegedly from the same person, arrive... what happens?
Furthermore, how do you ensure that the ballot actually makes it through the postal system? Would it be possible for some partisan postal workers to have slightly higher loss rates from areas dominated by parties they disagree with?
Well, judging from Florida in '00, there were indeed a nontrivial number of people who had no idea of what they were doing.
There were, in fact, people who voted for multiple Presidential candidates -- although I don't recall whether this was in Florida. If memory serves, the people who did this were first-time voters who'd been given clear instructions by Democratic activists to be sure to vote on every page. Unfortunately for their cause, the Presidential candidates happened to be split into two pages, so when these new voters took their handlers' instructions literally, they spoiled their own ballots.
There are other possible failures as well; perhaps people who submit an ambiguous ballot with scratched-out marks when they change their mind instead of properly requesting another one, and that sort of thing.
Blogs and opinion columns do not exactly make for reliable sources, especially when you're trying to support insinuations of the rather serious charge of electon fraud.
Without the paper, there's little to ensure that the vote actually recorded (for the purposes of the final count) matches what the machine tells the voter.
With the paper,/if/ one could deposit a paper receipt visible to the voter (so he can confirm that it matches his vote) into a secure box, then it should be as secure as a traditional voting system.
One can design an interface that would cut down the risk of accidentally spoiled ballots, even in Palm Beach County.
As in, say, big freakin' letters indicating "YOU HAVE SELECTED PAT BUCHANAN. ARE YOU SURE?" or "YOU HAVE VOTED FOR TWO PRESIDENTIAL CANDIDATES. ARE YOU SURE?" and so forth. Confirmation dialogues should cut things down so invalid votes are only likely if they -want- to invalidate their own ballots.
One could also add additional information (e.g. blurb of the candidate's choice, list of top campaign contributors, voting record, what-not).
If you want to find out what the guide number is for the built-in flash on a Sony T7, for instance, to help somebody on a web forum who's asking for it, you might (after finding out that Sony doesn't make it easy to find their manuals online, if they're available at all on their own site) try searching Google for
'sony T7 flash "guide number"'.
And the first link you get is for a shopping site for a completely different camera. The second is from that same site for a different item. The third is from a shopping site that lists/external/ flashes, and uses a non-English font. The fourth, same site. Fifth, blog about a Canon speedlite. Sixth, same blog, Sigma ring flash. Seventh, shopping engine offering info about a Sony/external/ flash. Eighth, MacMall shopping. Ninth, looks like a Portugese shopping site. Tenth, back to English... shopping site.
IOW, a page full of crap, dominated by shopping sites, when all you want to find out is "WTF is the guide number of the built-in flash of a Sony T7 digital camera"? And that's probably because there's bloody lots of shopping sites, some of them actually legitimate, as well as price-checking engines, for digital cameras.
Plus, with Yahoo!/Overture's cost model, it's not just positioning that factors into the cost model, but traffic. If you have ads that get clicked-through often -- which is probably more the case with people looking for heavily commercial content and in the mood for market research -- you'll need to pay more to keep your spot, at least if other advertisers are competing with you.
I can think of a certain TLA that would be extremely interested in machine translation and probably has access to ludicrous amounts of computing power, archived text in a variety of languages of interest, and top-notch scientists.
Hotmail, as one might expect for a webmail system, is a rather poor system for a spammer to use. You're much more likely to see spam bouncing off some DSL-connected worm-pwn3d machine than you are from Hotmail.
Er, a large generation/might/ be becoming criminals, but with respect to computer crime that's a separate issue mostly -- file trading (and IIRC, many of them are probably only liable for civil suits so far since the bar for it becoming a criminal matter is fairly high). That's a lot more common of an offense than anything that might be considered hacking by even the most generous definitions.
As for the manifesto itself, it's absurd and incredibly egocentric. "Judging people by what they look like"? No; we're going to judge you by your actions, if you get caught trying to manipulate somebody else's bank account. A suspect's age, or lack thereof, is irrelevant other than one might actually get *leniency* if the court thinks that the accused is just a temporarily stupid kid who'll grow out of it if given another chance. A 43-year-old man of sound mind who should damn well know better by his age is probably more likely to get the book thrown at him.
Doesn't matter if you're fat or an athlete; precocious or not; curious or, er, not; living in your parent's basement like an impoverished vampire, or bedding every prom queen in a three-state area. The ethics and consequences of an act don't fundamentally change. Figuring out how one's DVD player handles CSS or figuring out how to update the data in your car's navigation system is still pretty spiffy, but spending one's time releasing worms that consume bandwidth and memory while forcing victims to figure out whether the worm could have installed any backdoors is still damaging -- and the more intelligent one is, the less excuse there is for not having thought of the consequences.
*snort*
Yet more rambling could take apart the whole "bored with school" line, as well. I knew a bloody lot of people who excelled academically; the most extreme might have been a person who (by the finish of her high school years) mastered calculus by about 13 or so, was fluent in multiple languages from different linguistic families, also played a musical instrument IIRC, and still somehow found the time to be a competent athlete. The 'smarter than her teachers' claim that often radiates from somewhat bright youngsters might actually have been true in her case, but instead of using this an obnoxious "I'm smart enough that your ethics don't apply to me" card, she and her parents simply raised the bars very, very high.
For institutions in which maintaining customer faith in the security of their information is extremely critical, it might actually make sense to have IT people working with their software vendors and specifically looking for vulnerabilities before anybody else finds them. If your online banking system has a flaw, it's best if you or the vendor finds it before anybody else does in case that somebody else does something which sends your customers fleeing in droves and worrying about identity theft.
Of course, an employee might want to reconsider searching for vulnerabilities in his workplace system if it's not remotely part of his job, unless he's on sufficiently good terms with his boss and IT department to the point that they'll believe that it was for the good of the company and not so that he can sell the payroll information or whatever...
Hm. Makes one wonder if there's any way that corporate IP people would consider sharing information.
Seems unlikely, since companies don't like admitting that they've been compromised (unless forced to do so -- there's a relevant California law regarding customer data, IIRC), but if they pooled information on this sort (e.g. attack methods, pwn3d machines that they were attacked through, any apparent targets, etc) they might be able to better judge when it's worth spending resources on pursuing some possible ring. It might then be easier to hand off a dossier to the FBI and convince 'em that there's something going on.
Quite irrelevant to my post. If you re-read mine, you'll see quite clearly that I suggested that the evaluation of an act should focus on its consequences, not on its motive. The mindset that "it's for thrills, not for money, and therefore it's not wrong" is absurd.
As for "do something else than it's purpose", that's very vague. Again, it depends on the consequences. It might be considered unethical, for instance, to release a program which let people easily unlock everybody's cars with their cell phones (not that it's likely to be possible), since the likely consequence of an increase in auto theft would probably not outweigh any "helping people who locked themselves out" business. That'd be the case even if the tool were produced and released merely because it seemed to be a nifty bit of technology.
The actual exploitation, however, is the fault of the person who actually takes advantage of said vulnerability, much the same way that the mere vulnerability of your average car to theft does not in any way excuse the actual act of doing so.
From the victim's point of view, barring taking the system apart and comparing it with a known uncompromised version, it's damn near impossible to ensure that further damage wasn't done. Even if the machine isn't listening on any ports at all, for instance, it doesn't mean that a program couldn't have been modified to open up a back door several months later. An e-mail client could have been modified to auto-execute instructions from certain attachments. Or so forth. You can't really prove that the intruder was a theoretically benign 'hacker' instead of somebody with more malign intent, but you/do/ know that if he had malignant intent, he could have done a variety of things; and if he managed root/adminstrator access, you have a very large problem on your hand.
Ideally, you would prefer that the vulnerablity not have been exploited at all, but that the person sharp enough to notice such would bring it to the attention of those in a position to do something about it -- notifying the authors of the relevant software, for instance. If you notice that your garage door opener opens numerous garages in your neighborhood, you should probably mention this to the manufacturers or your neighbors rather than notifying them of the problem by visiting their garages when they're not expecting it.
While this undoubtably astounds you, the mere fact that thrill may motivate somebody more than profit does not remove responsibility for the consequences of one's actions, or the possible immorality thereof.
To take an extreme example of your argument -- the popular, if utterly bogus, "slippery slope" approach -- your argument would suggest that murder, if committed for thrills but not money, is simply dandy. Less severely, it would justify breaking into peoples' homes if nothing were stolen or physically damage, despite the fact that this too can have substantial consequences (in this case, psychological). It's actually worse in the case of computers because it's more difficult to do a thorough yet precise assessment of what exactly has been compromised, which is why locking down the system followed by auditing, reinstallation and patching should be done if anything important was there at all.
The fact is, an unauthorized intrusion into a system has severe consequences -- regardless of its motivation. So does the authoring and releasing of compromises without sufficient warning to those vulnerable or in a position to ameliorate said vulnerabilities. A worm, released, does damage based on its code, not the author's intent; recall the RTM worm, for instance.
Harmless? No. In either case, a compromised system should be fully audited and rebuilt, barring certainty about the limits of potential damage. Any information that passed through that system also has to be considered compromised with potentially widespread effect. That costs non-trivial time and money.
Throw out an extreme idea as a trial balloon, then claim generosity when replacing it with a somewhat moderated version -- such as demanding that foreign governments provide more background information on their nationals entering here, or otherwise strengthening visa requirements. Goes hand-in-hand with demanding more information on anybody flying to or even flying over this country.
A more paranoid angle would be that it's an attempt to reduce government funding of research, by making it difficult for universities to find sufficient students willing to put up with it (an awful lot of grad students are foreign nationals, after all). Make the system dysfunctional enough, than discard it. I doubt Congress would be amused, however, when asked to play along during budgetary hearings.
It's also possible that this is just a smokescreen to punish India and China for competing too well Those damn furriners are overrunning higher education, especially in the technical fields, so use a pretext to slow their influx. We don't have a huge number of Saudi grad students AFAIK, and furthermore placing restrictions on them would immediately get spinned as yet more proof of a general cultural war led by the American infidel against the whole of Islamic civilization that must be resisted with global jihad.
Somebody may also still be pissed that India and Pakistan tested nuclear weapons without the US apparently having any clue that they were that far along.
A final reason might be that those proposing the policy are simply wildly out of touch, insane or stupid. It wouldn't be the first time a government did something in an utterly stupid fashion.
Slashdot Mirror
I'd say that anything that needs special care with respect to lighting, posing, or very high resolution, is likely to remain well-served by professional photographers.
A decent amateur can take his stabilized f/2.8 superzoom and take a reasonable shot of a chirping bird from even a decent distance. He'll be able to shoot portraits and check the LCD to see whether any of the subjects blinked during the shot. But he's less likely to have assistants or experience bringing and using reflectors, extra lamps, backdrops, slave flashes, and so forth, or to have worked with enough people and had enough training to pose people all that much. If macro shots are required, the amateur is a bit less likely to have gone whole-hog and gotten a decent macro lighting setup such as twin or ring flashes, unless that's one of his favored areas.
He's also less likely to bring a medium-format camera or equivalent for when he wants a shot that'll show good detail in an extended-family shot even when blown up to poster size.
Of course, as we all know from the reports of the mess at Los Alamos National Laboratories, it's very possible for a lab culture to be extremely casual about frequently breaching the mandated air gap. Just because the regulations exist doesn't mean that they're even remotely followed.
That comment implies possible confusion on the part of the developer, and uncertainty regarding design.
It's not even "Is this the most efficient way to implement this?" or "Should we switch to blah's way?"; it's much more fundamental than that, and it is a worrisome comment. If the developer isn't confident about even *where* some part of the code should be, and code from that confused developer actually made it into the kernel despite that confusion, why should a user have confidence in it?
On what grounds do you draw such a distinction between "professional" and non-professional software, and then suggest that the only possible justification for purchasing professional software is to earn money with it?
An enthusiastic amateur photographer, for instance, may benefit enormously from a capable package such as Photoshop even if he's not making any money from it. He can do batch processing, decent conversion between formats, build profiles for his monitor and printer so that his prints come out as expected in terms of color accuracy, work with more bits per channel so transformations lose less detail, use his favorites from the huge library of plugins made for Photoshop... for all the reasons that it's the premier package among professionals. It may be well worth it for him to purchase it instead of Paint Shop Pro or PS Elements, or to fuss with the Gimp.
Time isn't free.
If the Gimp had both as reasonable an interface and as powerful features of its commercial competitors, it'd be used more. However, it doesn't. Even JASC Paint Shop Pro -- a not terribly expensive product -- had a far better interface and more features, last I checked. That's in addition to well-done documentation and support.
In at least some states, you can get separate identification cards that do not actually require any skills or qualifications.
Not requiring some identification is just a recipe for repeat voting -- or, for that matter, preemptively voting in somebody else's name.
There would seem to be a risk of error and fraud, however.
How do you ensure that the person whose name is on the envelope is actually the one who sent the ballot? If ballots allegedly from the same person, arrive... what happens?
Furthermore, how do you ensure that the ballot actually makes it through the postal system? Would it be possible for some partisan postal workers to have slightly higher loss rates from areas dominated by parties they disagree with?
Well, judging from Florida in '00, there were indeed a nontrivial number of people who had no idea of what they were doing.
There were, in fact, people who voted for multiple Presidential candidates -- although I don't recall whether this was in Florida. If memory serves, the people who did this were first-time voters who'd been given clear instructions by Democratic activists to be sure to vote on every page. Unfortunately for their cause, the Presidential candidates happened to be split into two pages, so when these new voters took their handlers' instructions literally, they spoiled their own ballots.
There are other possible failures as well; perhaps people who submit an ambiguous ballot with scratched-out marks when they change their mind instead of properly requesting another one, and that sort of thing.
Blogs and opinion columns do not exactly make for reliable sources, especially when you're trying to support insinuations of the rather serious charge of electon fraud.
Without the paper, there's little to ensure that the vote actually recorded (for the purposes of the final count) matches what the machine tells the voter.
/if/ one could deposit a paper receipt visible to the voter (so he can confirm that it matches his vote) into a secure box, then it should be as secure as a traditional voting system.
With the paper,
One can design an interface that would cut down the risk of accidentally spoiled ballots, even in Palm Beach County.
As in, say, big freakin' letters indicating "YOU HAVE SELECTED PAT BUCHANAN. ARE YOU SURE?" or "YOU HAVE VOTED FOR TWO PRESIDENTIAL CANDIDATES. ARE YOU SURE?" and so forth. Confirmation dialogues should cut things down so invalid votes are only likely if they -want- to invalidate their own ballots.
One could also add additional information (e.g. blurb of the candidate's choice, list of top campaign contributors, voting record, what-not).
It probably depends on what you're looking for.
/external/ flashes, and uses a non-English font. The fourth, same site. Fifth, blog about a Canon speedlite. Sixth, same blog, Sigma ring flash. Seventh, shopping engine offering info about a Sony /external/ flash. Eighth, MacMall shopping. Ninth, looks like a Portugese shopping site. Tenth, back to English... shopping site.
If you want to find out what the guide number is for the built-in flash on a Sony T7, for instance, to help somebody on a web forum who's asking for it, you might (after finding out that Sony doesn't make it easy to find their manuals online, if they're available at all on their own site) try searching Google for
'sony T7 flash "guide number"'.
And the first link you get is for a shopping site for a completely different camera. The second is from that same site for a different item. The third is from a shopping site that lists
IOW, a page full of crap, dominated by shopping sites, when all you want to find out is "WTF is the guide number of the built-in flash of a Sony T7 digital camera"? And that's probably because there's bloody lots of shopping sites, some of them actually legitimate, as well as price-checking engines, for digital cameras.
Most likely.
Plus, with Yahoo!/Overture's cost model, it's not just positioning that factors into the cost model, but traffic. If you have ads that get clicked-through often -- which is probably more the case with people looking for heavily commercial content and in the mood for market research -- you'll need to pay more to keep your spot, at least if other advertisers are competing with you.
I can think of a certain TLA that would be extremely interested in machine translation and probably has access to ludicrous amounts of computing power, archived text in a variety of languages of interest, and top-notch scientists.
Hotmail, as one might expect for a webmail system, is a rather poor system for a spammer to use. You're much more likely to see spam bouncing off some DSL-connected worm-pwn3d machine than you are from Hotmail.
The forced repatriation of Celine Dion? :p
Er, a large generation /might/ be becoming criminals, but with respect to computer crime that's a separate issue mostly -- file trading (and IIRC, many of them are probably only liable for civil suits so far since the bar for it becoming a criminal matter is fairly high). That's a lot more common of an offense than anything that might be considered hacking by even the most generous definitions.
As for the manifesto itself, it's absurd and incredibly egocentric. "Judging people by what they look like"? No; we're going to judge you by your actions, if you get caught trying to manipulate somebody else's bank account. A suspect's age, or lack thereof, is irrelevant other than one might actually get *leniency* if the court thinks that the accused is just a temporarily stupid kid who'll grow out of it if given another chance. A 43-year-old man of sound mind who should damn well know better by his age is probably more likely to get the book thrown at him.
Doesn't matter if you're fat or an athlete; precocious or not; curious or, er, not; living in your parent's basement like an impoverished vampire, or bedding every prom queen in a three-state area. The ethics and consequences of an act don't fundamentally change. Figuring out how one's DVD player handles CSS or figuring out how to update the data in your car's navigation system is still pretty spiffy, but spending one's time releasing worms that consume bandwidth and memory while forcing victims to figure out whether the worm could have installed any backdoors is still damaging -- and the more intelligent one is, the less excuse there is for not having thought of the consequences.
*snort*
Yet more rambling could take apart the whole "bored with school" line, as well. I knew a bloody lot of people who excelled academically; the most extreme might have been a person who (by the finish of her high school years) mastered calculus by about 13 or so, was fluent in multiple languages from different linguistic families, also played a musical instrument IIRC, and still somehow found the time to be a competent athlete. The 'smarter than her teachers' claim that often radiates from somewhat bright youngsters might actually have been true in her case, but instead of using this an obnoxious "I'm smart enough that your ethics don't apply to me" card, she and her parents simply raised the bars very, very high.
Quite true.
For institutions in which maintaining customer faith in the security of their information is extremely critical, it might actually make sense to have IT people working with their software vendors and specifically looking for vulnerabilities before anybody else finds them. If your online banking system has a flaw, it's best if you or the vendor finds it before anybody else does in case that somebody else does something which sends your customers fleeing in droves and worrying about identity theft.
Of course, an employee might want to reconsider searching for vulnerabilities in his workplace system if it's not remotely part of his job, unless he's on sufficiently good terms with his boss and IT department to the point that they'll believe that it was for the good of the company and not so that he can sell the payroll information or whatever...
Hm. Makes one wonder if there's any way that corporate IP people would consider sharing information.
Seems unlikely, since companies don't like admitting that they've been compromised (unless forced to do so -- there's a relevant California law regarding customer data, IIRC), but if they pooled information on this sort (e.g. attack methods, pwn3d machines that they were attacked through, any apparent targets, etc) they might be able to better judge when it's worth spending resources on pursuing some possible ring. It might then be easier to hand off a dossier to the FBI and convince 'em that there's something going on.
Quite irrelevant to my post. If you re-read mine, you'll see quite clearly that I suggested that the evaluation of an act should focus on its consequences, not on its motive. The mindset that "it's for thrills, not for money, and therefore it's not wrong" is absurd.
As for "do something else than it's purpose", that's very vague. Again, it depends on the consequences. It might be considered unethical, for instance, to release a program which let people easily unlock everybody's cars with their cell phones (not that it's likely to be possible), since the likely consequence of an increase in auto theft would probably not outweigh any "helping people who locked themselves out" business. That'd be the case even if the tool were produced and released merely because it seemed to be a nifty bit of technology.
The actual exploitation, however, is the fault of the person who actually takes advantage of said vulnerability, much the same way that the mere vulnerability of your average car to theft does not in any way excuse the actual act of doing so.
/do/ know that if he had malignant intent, he could have done a variety of things; and if he managed root/adminstrator access, you have a very large problem on your hand.
From the victim's point of view, barring taking the system apart and comparing it with a known uncompromised version, it's damn near impossible to ensure that further damage wasn't done. Even if the machine isn't listening on any ports at all, for instance, it doesn't mean that a program couldn't have been modified to open up a back door several months later. An e-mail client could have been modified to auto-execute instructions from certain attachments. Or so forth. You can't really prove that the intruder was a theoretically benign 'hacker' instead of somebody with more malign intent, but you
Ideally, you would prefer that the vulnerablity not have been exploited at all, but that the person sharp enough to notice such would bring it to the attention of those in a position to do something about it -- notifying the authors of the relevant software, for instance. If you notice that your garage door opener opens numerous garages in your neighborhood, you should probably mention this to the manufacturers or your neighbors rather than notifying them of the problem by visiting their garages when they're not expecting it.
While this undoubtably astounds you, the mere fact that thrill may motivate somebody more than profit does not remove responsibility for the consequences of one's actions, or the possible immorality thereof.
To take an extreme example of your argument -- the popular, if utterly bogus, "slippery slope" approach -- your argument would suggest that murder, if committed for thrills but not money, is simply dandy. Less severely, it would justify breaking into peoples' homes if nothing were stolen or physically damage, despite the fact that this too can have substantial consequences (in this case, psychological). It's actually worse in the case of computers because it's more difficult to do a thorough yet precise assessment of what exactly has been compromised, which is why locking down the system followed by auditing, reinstallation and patching should be done if anything important was there at all.
The fact is, an unauthorized intrusion into a system has severe consequences -- regardless of its motivation. So does the authoring and releasing of compromises without sufficient warning to those vulnerable or in a position to ameliorate said vulnerabilities. A worm, released, does damage based on its code, not the author's intent; recall the RTM worm, for instance.
Harmless? No. In either case, a compromised system should be fully audited and rebuilt, barring certainty about the limits of potential damage. Any information that passed through that system also has to be considered compromised with potentially widespread effect. That costs non-trivial time and money.
Bargaining chip, perhaps.
Throw out an extreme idea as a trial balloon, then claim generosity when replacing it with a somewhat moderated version -- such as demanding that foreign governments provide more background information on their nationals entering here, or otherwise strengthening visa requirements. Goes hand-in-hand with demanding more information on anybody flying to or even flying over this country.
A more paranoid angle would be that it's an attempt to reduce government funding of research, by making it difficult for universities to find sufficient students willing to put up with it (an awful lot of grad students are foreign nationals, after all). Make the system dysfunctional enough, than discard it. I doubt Congress would be amused, however, when asked to play along during budgetary hearings.
It's also possible that this is just a smokescreen to punish India and China for competing too well Those damn furriners are overrunning higher education, especially in the technical fields, so use a pretext to slow their influx. We don't have a huge number of Saudi grad students AFAIK, and furthermore placing restrictions on them would immediately get spinned as yet more proof of a general cultural war led by the American infidel against the whole of Islamic civilization that must be resisted with global jihad.
Somebody may also still be pissed that India and Pakistan tested nuclear weapons without the US apparently having any clue that they were that far along.
A final reason might be that those proposing the policy are simply wildly out of touch, insane or stupid. It wouldn't be the first time a government did something in an utterly stupid fashion.
Forgetting the initial attempt to bring down the World Trade Center, are we?